Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
File: 06d20303-8537-47c7-bd75-8dea01488a0a.roa (raw, json)
Hash identifier: pgHyZentZUnCaSwXVBUfhDngqYMOWWQKbl0dg3gfTt4=
Subject key identifier: 0C:94:0E:99:74:AC:8D:1B:67:B1:85:4C:F3:97:5B:CE:3A:C4:4E:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FE9B638D8D51F7108CF19CB36FF694D5278F9FC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
Signing time: Mon 10 Jun 2024 00:00:00 +0000
ROA not before: Mon 10 Jun 2024 00:00:00 +0000
ROA not after: Mon 15 Jul 2024 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:e9:b6:38:d8:d5:1f:71:08:cf:19:cb:36:ff:69:4d:52:78:f9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 10 00:00:00 2024 GMT
Not After : Jul 15 23:59:59 2024 GMT
Subject: serialNumber=e213fc399fd8e98e0613519a54334f76882d68f7135e6a633de74ac39945e5ab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:e0:28:5f:d6:57:05:94:27:d1:e4:92:ac:
9f:e3:ee:c1:92:9a:9e:da:6e:45:5c:4a:cf:fb:03:
2a:92:f1:69:e6:c7:c6:b8:0b:2a:14:ad:bd:85:2b:
e1:e7:01:1d:fa:5f:34:09:53:36:39:0b:b1:e8:f9:
1e:31:5a:b2:6e:19:d2:8c:2e:dc:bd:73:45:e8:c0:
55:0b:db:24:4e:37:16:3f:0f:7e:ef:fa:d9:02:9e:
3a:8b:fe:c1:a5:be:e8:ae:a3:9c:69:f1:e0:c4:de:
34:05:4f:37:9d:46:a0:b9:e6:2c:a8:82:84:c8:72:
45:89:06:2f:77:a1:be:5a:8d:f7:e5:2b:ea:0f:dd:
2f:c8:31:fb:f6:76:2b:71:bd:61:39:d0:d6:62:37:
98:08:62:a5:14:5e:54:5b:97:7c:cb:a6:04:34:8d:
a4:07:63:33:de:1d:7f:a2:8f:51:c5:1b:20:f2:21:
87:84:e5:c1:9b:6d:81:f4:53:1b:c3:41:e7:41:f0:
7d:64:64:9e:c6:e4:91:e4:77:62:69:a5:70:e5:64:
b7:fb:98:34:df:5f:e3:81:8d:81:d5:9e:d4:e6:25:
ea:9c:cd:2f:37:f9:55:95:ec:68:98:f3:e6:aa:ba:
00:59:f6:f1:0c:31:a3:c3:53:7e:15:d9:05:0c:52:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:94:0E:99:74:AC:8D:1B:67:B1:85:4C:F3:97:5B:CE:3A:C4:4E:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:75:27:e3:6e:53:1d:35:71:a8:d1:7f:4e:0c:1f:d8:c5:fb:
60:d5:4f:4f:12:74:81:06:e2:b2:c4:5b:c6:7e:10:37:5c:42:
6c:24:78:12:d2:f6:13:d1:1e:fa:25:fe:2c:09:83:89:03:40:
5d:15:4f:bc:bf:d6:b5:9d:7e:8f:d5:f2:82:df:9a:84:6f:7c:
e0:30:60:35:0f:7a:22:60:c9:8e:44:d3:c9:f1:9a:5a:3b:15:
7a:7f:1d:8d:9f:c1:65:26:cc:67:81:5f:fc:39:cd:ed:ea:d8:
8c:1f:c2:87:40:09:4e:39:42:83:83:94:99:a0:2d:e3:ac:05:
1b:32:fc:47:ff:58:57:ba:73:ad:52:b3:27:73:c5:66:45:8c:
26:75:08:27:24:75:11:ac:67:7b:5f:8d:b6:41:78:0b:b9:cc:
96:a2:33:d8:3a:8f:50:2b:e3:b1:e7:2e:c5:92:74:e7:ba:07:
3f:b0:07:be:8c:fa:8c:99:83:76:0e:b3:0b:4b:8b:a1:b9:cc:
5a:26:5f:db:88:80:7a:fc:f9:0c:71:c8:d4:cc:4d:68:13:b2:
1f:f4:c7:85:ad:c4:18:57:8b:79:e8:7f:96:c1:26:bc:ef:26:
ad:57:40:22:21:3a:3d:e1:1f:cf:bf:9c:c7:7a:fb:2c:e9:0c:
66:99:0b:a6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUD+m2ONjVH3EIzxnLNv9pTVJ4+fwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA2MTAwMDAwMDBaFw0yNDA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMTNmYzM5OWZkOGU5OGUwNjEzNTE5YTU0MzM0Zjc2ODgyZDY4ZjcxMzVl
NmE2MzNkZTc0YWMzOTk0NWU1YWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9s4Chf1lcFlCfR5JKsn+PuwZKantpuRVxKz/sDKpLxaebHxrgLKhStvYUr
4ecBHfpfNAlTNjkLsej5HjFasm4Z0owu3L1zRejAVQvbJE43Fj8Pfu/62QKeOov+
waW+6K6jnGnx4MTeNAVPN51GoLnmLKiChMhyRYkGL3ehvlqN9+Ur6g/dL8gx+/Z2
K3G9YTnQ1mI3mAhipRReVFuXfMumBDSNpAdjM94df6KPUcUbIPIhh4TlwZttgfRT
G8NB50HwfWRknsbkkeR3YmmlcOVkt/uYNN9f44GNgdWe1OYl6pzNLzf5VZXsaJjz
5qq6AFn28Qwxo8NTfhXZBQxSdw8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQMlA6Z
dKyNG2exhUzzl1vOOsROUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZkMjAzMDMtODUzNy00N2M3LWJkNzUtOGRlYTAxNDg4YTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAu3Un425THTVxqNF/Tgwf2MX7YNVPTxJ0gQbissRb
xn4QN1xCbCR4EtL2E9Ee+iX+LAmDiQNAXRVPvL/WtZ1+j9Xygt+ahG984DBgNQ96
ImDJjkTTyfGaWjsVen8djZ/BZSbMZ4Ff/DnN7erYjB/Ch0AJTjlCg4OUmaAt46wF
GzL8R/9YV7pzrVKzJ3PFZkWMJnUIJyR1Eaxne1+NtkF4C7nMlqIz2DqPUCvjsecu
xZJ057oHP7AHvoz6jJmDdg6zC0uLobnMWiZf24iAevz5DHHI1MxNaBOyH/THha3E
GFeLeeh/lsEmvO8mrVdAIiE6PeEfz7+cx3r7LOkMZpkLpg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:38 2024 by rpki-client on console-ams.rpki-client.org